For example, we have a mailbox firstname.lastname@example.org and I’d like to set up an MFA protection on it with Google Authenticator (see the Authy: step by step Multi-Factor Authentication configuration for Github and AWS).
But this box is used by other people so I need to have a way to share TOTOP with all of them.
To do this – they all can configure their own Authentificatior application with the same code during an initial MFA configuration in the Google Account. But still, if any of them will leave the company – we will have to re-generate the code and update it on all devices… Not too good, hah?
Another solution to share a TOTP could be using Bitwarden and its TOTP-codes field.
Let’s do it.
First, set up an MFA in Gmail as usual – add a phone number, confirm with an SMS code, and go to the Google Authentificator configuration:
Devie no matter here, just press Next:
Click on the Can’t scan it:
And instead of a QR code – you’ll get it in a simple string:
Add it to the Bitwarden into the Authenticator Key (TOTP) field:
Save, get the code, go back and confirm it in the Google:
And now your team can use Bitwarden as any similar MFA-tools – just copy the code from there:
- 12/05/2019 Bitwarden: расшаренный MFA для общих аккаунтов Google
- 04/17/2019 Authy: настройка Multi-Factor Authentication для Github и AWS
- 10/25/2019 Okta: G-Suite integration – provisioning and users import and export
- 12/12/2019 KeePass: an MFA TOTP codes, a browser’s passwords, SSH keys passwords storage configuration and Secret Service integration